From: Yu Watanabe
Date: Wed, 13 Nov 2024 01:08:29 +0000 (+0900)
Subject: audit-util: return -ENODATA from audit_{session|loginuid}_from_pid() if invoked in...
X-Git-Tag: v257-rc2~27
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d762b14e382b9bde14dd92f8750db91e7f00bf99;p=thirdparty%2Fsystemd.git

audit-util: return -ENODATA from audit_{session|loginuid}_from_pid() if invoked in a container (#35072)

The auditing subsystem is still not virtualized for containers, hence the two values don't really make sense inside them, they will just leak information from outside into the container. Hence don't make use of the data if we detect we are run inside of a container.

This has visible effects: logind will no longer try to reuse the auditing session ids as its own session ids when run inside a container.

While we are at it, modernize the calls in more ways:

1. switch to pidref behaviour, all but one of our uses are using pidref anyway already.
2. use read_virtual_file() + proc_mounted()
3. reasonably distinguish ENOENT errors when reading the process proc files: distinguish the case where /proc is not mounted, from the case where the process is already gone, from where auditing is not enabled in the kernel build.

---
d762b14e382b9bde14dd92f8750db91e7f00bf99